What is PCI Data Security Standard
This standard applies to all merchants who take payments via credit cards on or off line to ensure customers credit card details are secure at all times. The checklist below provides the security details, however, no credit card details are to be captured, stored or sent without the requisite security. Email is not a secure media and as such cannot be used to send credit card details.
The PCI Data Security Standards Council provides the information and assistance for compliance. Compliance is enforced by the Credit Card Facilities such as Visa, MasterCard and American Express.
Checklist for Compliance
How to achieve Compliance
There are 2 ways to achieve PCI compliance:
1. Implement a trusted compliant payment gateway for all your credit card transactions.
This is by way the recommended and easiest way to ensure compliance. If there is no real need to store credit card details then it is recommended not to do so.
2. Implement the full checklist above to secure your credit card transactions.
Annual Self Assessment
If you choose to implement the PCI Data Security Standard into your business all Credit Card Facilities require the Merchant to provide evidence of self assessment annually or quarterly based on the volumes processed.https://www.pcisecuritystandards.org/merchants/self_assessment_form.php
Penalty for Non Compliance
Here are some additional sites to review or more information or feel free to contact us at CodeSource: